Dissertation

COMMON LAW PRIVACY:
IS PRIVACY ADEQUATELY
PROTECTED IN NEW ZEALAND?
Jason C. Mitchell
A Dissertation presented in partial fulfilment of the requirements of the
University of Auckland for the degree of Bachelor of Laws (Hons)
October 2013

Common Law Privacy: Is Privacy Adequately Protected in New Zealand?
Jason Mitchell
i
Abstract
Privacy is considered to be one of the most difficult concepts for the law to define. It is embedded in so
many areas of our lives, and takes such a large variety of forms, that some have despaired that it is too
complex and elusive to be usefully addressed at all.1 Many theories have attempted to uncover the unique
feature that differentiates privacy from all other concepts but none can be deemed satisfactory. However,
it is vital that privacy is protected in some way because it is essential to life in a free and democratic
society. In New Zealand, the answer to date has been to protect against specific privacy violations using
a myriad of common law, equity and statute. Unfortunately, this has resulted in fragmented protection
and inconsistent remedies between those areas that are protected.
Therefore, a review of privacy law is required. This paper submits that New Zealand should abandon the
current approach to privacy protection and adopt a more sophisticated three-element statutory tort that is
capable of recognising and analysing all privacy claims. This tort uses a bottom-up approach which
focuses on the various forms of privacy and examines problems in their particular contexts. Where other
approaches tend to fail in one regard or the other, this tort, if applied properly, is capable of putting the
spotlight on the highly contextual nature of each privacy claim while maintaining consistency across
each judicial decision.
1 See, for example, Robert Post “Three Conceptions of Privacy” (2001) 89 Geo LJ 2087.

Jason Mitchell
ii
Acknowledgments
I would like to express my thanks and appreciation to Stephen Penk as the supervisor of my dissertation.
Your direction and guidance at the initial stages of this dissertation was invaluable, as was the discussion
and insight that you provided on a number of its aspects.
I must also extend my gratitude to my friends and family for their support and encouragement during not
only the process of writing of this dissertation but also throughout the entirety of my studies.

Jason Mitchell
iii
Table of Contents
I Introduction .......................................................................................................................................... 1
II Is Privacy Adequately Protected in New Zealand?................................................................................... 3
A Current Protection ............................................................................................................................. 3
B Adequacy of Protection...................................................................................................................... 4
1 Information privacy ....................................................................................................................... 4
2 Territorial privacy.......................................................................................................................... 6
3 Bodily or physical privacy.............................................................................................................. 6
4 Communications and surveillance privacy....................................................................................... 7
5 Attentional privacy ........................................................................................................................ 7
6 Decisional privacy ......................................................................................................................... 8
7 Summary....................................................................................................................................... 8
III The Concept of Privacy ......................................................................................................................... 9
A Coherentism...................................................................................................................................... 9
1 Right to be let alone ....................................................................................................................... 9
2 Limited-access to the self ............................................................................................................. 11
3 Control........................................................................................................................................ 13
4 Personhood.................................................................................................................................. 16
B Reductionism .................................................................................................................................. 20
C Pragmatism..................................................................................................................................... 22
D Summary ........................................................................................................................................ 24
IV Formulating a New Model................................................................................................................... 24
A Defining the New Model.................................................................................................................. 25
1 Zones of privacy and private objects ............................................................................................. 25
2 Invasions of private objects .......................................................................................................... 26
3 Unreasonable invasions ................................................................................................................ 27
B Specific Privacy Invasions................................................................................................................ 29
1 Intrusions .................................................................................................................................... 29
2 Publicity...................................................................................................................................... 32
3 Data vulnerability ........................................................................................................................ 37
V Assessment of the New Model............................................................................................................. 41
VI Impact of the New Model on Future Legal Developments ...................................................................... 43
VII Conclusion...................................................................................................................................... 44
VIII Bibliography ................................................................................................................................... 48

Jason Mitchell
1
I Introduction
The concept of privacy is considered to be essential to life in a free and democratic society. Its very
origins appear to be rooted in man’s animal nature.2 Privacy encompasses a countless variety of practices,
each promoting different values. These include the facilitation of “self-creation, independence,
autonomy, creativity, imagination, counter-culture, freedom of thought, and reputation.”3 Privacy creates
conditions whereby one can truly be an autonomous individual, free from conformist pressures and
societal interferences with decision-making.4 These conditions provide one with an outlet for self-
expression and the opportunity to explore alternative ways of life, thus breeding diversity.5 Furthermore,
these conditions are necessary to the forming of close human relationships which feature “respect, love,
friendship and trust.”6
Whereas privacy was once a product of necessity, it has become a matter of freedom and legal focus with
technological advancements presenting a real threat to its existence.7 This threat and the need for legal
protection were recognised in 1890 by Warren and Brandeis who argued for the securement of a “right
to be let alone”.8 Concerns for privacy have multiplied in the information age in which we now live,
especially due to the increasing availability and presence of several surveillance techniques. Public
opinion in New Zealand reflects these concerns.9
However, notwithstanding the increased legal attention, privacy has failed to gain significant common
law protection in New Zealand as an independent value until recent times. While Warren and Brandeis’
article is considered to be the catalyst for modern privacy law developments, only in 1986 did our High
Court express support, albeit cautiously, for the introduction of “a tort covering invasion of personal
privacy at least by public disclosure of private facts”.10 The tort was recognised and defined by our Court
2 Alan Westin Privacy and Freedom (Atheneum, New York, 1967) at 8.
3 Daniel Solove “Conceptualizing Privacy” (2002) 90 Cal L Rev 1087 at 1145-1146.
4 Sidney Jourard “Some Psychological Aspects of Privacy (1966) 31 Law & Contemp Probs 307 at 308-309.
5 Ruth Gavison “Privacy and the Limits of the Law” (1980) 89 Yale LJ 421 at 448-451.
6 Charles Fried “Privacy” (1968) 77 Yale LJ 475 at 477.
7 Westin, above n 2, at 21-22.
8 Samuel Warren and Louis Brandeis “The Right to Privacy” (1890) 4 Harv L Rev 193. This phrase was used earlier by Judge
Cooley in Thomas Cooley A Treatise on the Law of Torts (2nd ed, Callaghan, Chicago, 1888) at 29.
9 See, for example, UMR Research Individual privacy and personal information (Office of the Privacy Commissioner, April
2012) <www.privacy.org.nz> at 4 which, in a 2012 telephone survey of 750 New Zealanders, found that 67% of respondents
were concerned about privacy; up 8% since 2010 and 20% since 2001.
10 Tucker v News Media Ownership Ltd [1986] 2 NZLR 716 (HC) at 733.

Jason Mitchell
2
of Appeal almost 20 years later.11 Despite this, two members of our Supreme Court have since expressed
reservations about the tort.12
The slow and unsure development of the tort can be attributed to the fact that privacy as a concept resists
clear theoretical definition and the difficulties in creating an overarching theory of privacy. While most
people have an intuitive sense of what should be private, there is no universally-agreed definition upon
which legal protection can be built.13 Privacy is an ever-moving concept, relative to historical, cultural
and societal influences, and involves a “myriad of different things”.14 Consequently, there still remains
considerable confusion as to the nature of the interest which we are seeking to protect.15 An analysis of
the more influential attempts at a conception of privacy will be conducted in Part III below.
These difficulties have led some commentators to reject any recognition of the tort of invasion of privacy,
concluding that it would be unworkable.16 However, if we recognise that privacy is a value is worthy of
protection, this cannot accepted as the correct position. Furthermore, this conclusion becomes untenable
upon examination of the successful efforts of draftspersons to codify privacy within international
instruments,17 along with the emergence of civil protection in the United States, Quebec, France and
Germany,18 as well as in New Zealand recently. Although an all-encompassing conception of privacy is
likely impossible, analysing claims with regard to the specific facts and interests implicated in each case
has proved possible and more desirable than not recognising a privacy right at all.19
This paper will argue that the law in New Zealand, as it currently stands, does not adequately protect the
various aspects of the right to privacy. It will then explore a model which could be used to reform the
law in order to provide better coverage of these aspects. This will first require consideration of what the
concept of privacy is and the interests behind it. Before proceeding, it must be noted this paper will focus
on privacy between individuals, and between individuals and private organisations, as opposed to privacy
between individuals and the state.
11 Hosking v Runting [2005] 1 NZLR 1 (CA).
12 Elias CJ and Anderson J in Television New Zealand Ltd v Rogers [2008] 2 NZLR 277 (SC).
13 Stephen Penk and Rosemary Tobin (eds) Privacy Law in New Zealand (Brookers, Wellington, 2010) at 2.
14 Solove, above n 3, at 1095.
15 Edward Bloustein “Privacy as an Aspect of Human Dignity: An Answer to Dean Prosser” (1964) 39 NYU L Rev 962 at
962.
16 See, for example, Leon Brittan “The Right of Privacy in England and the United States” (1963) 37 Tul L Rev 235 at 267.
17 Brooker v Police [2007] 3 NZLR 91 (SC) at 153.
18 John Craig “Invasion of Privacy and Charter Values: The Common-Law Tort Awakens” (1997) 42 McGill LJ 355 at 380.
19 James Waldo, Herbert Lin and Lynette Millett (eds) Engaging Privacy and Information Technology in a Digital Age
(National Academies Press, Washington, 2007) at 85.

Jason Mitchell
3
II Is Privacy Adequately Protected in New Zealand?
A Current Protection
As it currently stands, privacy finds piecemeal protection in New Zealand under the common law, equity
and statute. The developing tort of invasion of privacy has been the most promising in terms of the
possibility of providing broad coverage of privacy violations.
The requirements for a successful claim were defined by our Court of Appeal in Hosking:20
(1) The existence of facts in respect of which there is a reasonable expectation of privacy; and
(2) Publicity given to those private facts that would be considered highly offensive to an objective reasonable
person.
The Court also provided “a defence enabling publication to be justified by a legitimate public concern in
the information.”21 The greater the invasion of privacy, the greater the level of public concern must be to
establish this defence. However, the tort is far from settled. As already alluded to in Part I, in Rogers, our
Supreme Court had the chance to bring some certainty to this area of the law. Unfortunately, it declined
to do so and two members expressed reservations about the tort. Anderson J said that its existence and
scope needed to be reviewed in an appropriate case.22 Elias CJ did not believe that its limits were those
stated in Hosking, especially questioning the “highly offensive” element.23
Despite these uncertainties, in the recent High Court decision of Holland, Whata J extended the tort
beyond merely protecting against the public disclosure of private facts.24 In essence, he created a new
privacy tort protecting individuals from highly offensive interferences with their solitude or seclusion. In
its very early stages of development, this tort has four elements: (1) an intentional and unauthorised
intrusion (meaning not consensual or lawful intrusions);25 (2) into the seclusion of the plaintiff’s intimate
personal activity, space or affairs; (3) involving infringement of a reasonable expectation of privacy; (4)
that is highly offensive to a reasonable person.26 These last two elements are derived directly from
Hosking. However, given that this tort was created and has been used only in this case, its continued
20 Hosking v Runting, above n 11, at 32.
21 At 35.
22 At [144].
23 At [23]-[26].
24 C v Holland [2012] NZHC 2155.
25 At [95].
26 At [94].

Jason Mitchell
4
existence is far from certain. This is especially true considering the difficult development of the tort of
invasion of privacy. It is yet to be tested in our higher courts and issues remain regarding how offensive
the intrusion will need to be and the monetary value that the courts will be willing to attach to the right.
Along with these slowly developing torts, the courts have used other torts and the equitable doctrine of
confidence to indirectly protect privacy interests. Furthermore, the Privacy Act 1993 and the
Broadcasting Act 1989 are directed at privacy and, in conjunction with a miscellany of other statutory
provisions, address some specific privacy concerns. These will be considered in more detail below.
B Adequacy of Protection
As indicated above, there are numerous aspects of privacy which are distinct, and yet linked by the idea
of having the right to live a private existence.27 Although there is no consensus, the aspects generally
included are: information privacy, territorial privacy, bodily or physical privacy, and communications
and surveillance privacy; and often included are: attentional privacy and decisional privacy.28 The
protection of these aspects will now be considered.
1 Information privacy
Information privacy involves the interest in controlling private information and data about oneself that is
held or used by others.29 Prior to the creation of the public disclosure tort, the common law used other
causes of action to protect this interest. These are still relevant. The tort of defamation may provide a
remedy, but only where the private information is false and its publication lowers reputation.30 Therefore,
it does not provide one with any ability to keep true aspects of his or her life within the private realm. A
careless disclosure of information may also give rise to liability in negligence.31 Furthermore, the
disclosure of private information may be remediable under a breach of confidence where the information
is of a confidential nature and the person disclosing acquired it in circumstances importing an obligation
of confidence.32
27 Penk and Tobin, above n 13, at 10.
28 These aspects are not independent of each other and thus two or more may be implicated by the same invasion.
30 Laws of New Zealand Tort (online ed) at [189].

Jason Mitchell
5
In terms of statutory protection, the Privacy Act 1993 protects against public and private agencies that
gather information about individuals,33 prescribing how this information can be obtained, stored and
used.34 Unfortunately, along with being far from comprehensive in terms of information privacy
protection, it is unenforceable in court, except for the right to access information about oneself held by a
public sector agency.35 Complaints for breaches may be made to the Privacy Commissioner and, in the
last instance, to the Human Rights Review Tribunal, but this provides complainants with “little or no
meaningful remedy”.36 The Broadcasting Act 1989 prescribes that “broadcasters must maintain in their
programmes, and the presentation of them, standards which are consistent with ‘the privacy of the
individual’.”37 As with the Privacy Act, the coverage of this statute is specific to one area of information
privacy. Complaints for breaches are made to the Broadcasting Standards Authority. There are also
numerous other statutory provisions in New Zealand that address very specific aspects of information
privacy. For example, the Tax Administration Act 1994,38 and the Public Trust Act 2001,39 prohibit
disclosure of information held by the relevant organisations. The Copyright Act 1994 provides a remedy
for a breach of copyright over one’s private information, such as a photograph, film or piece of literary
work.40
These sources of law, while protecting particular areas of information privacy, leave a number of gaps.
Moreover, the common law causes of action are not designed to protect privacy and the statutes often
provide inadequate remedies. Therefore, the development of the tort of invasion of privacy has the
potential to greatly increase protection in this area. The public disclosure tort is directed toward the
disclosure of private information and the intrusion tort, despite having been used only in a case involving
territorial and bodily privacy, could be extended to intrusions upon information privacy. Unfortunately,
although they may provide broad coverage over information privacy, development has been very slow
and there is still much uncertainty over both torts. Technological advancements will continue to increase
concern in the area of information privacy especially, and hence we need more solid and comprehensive
legal protection in this area.
33 Privacy Act 1993, s 2.
34 Stephen Todd (ed) The Law of Torts in New Zealand (5th ed, Brookers, Wellington, 2005) at 853-854.
35 Section 11.
37 Broadcasting Act 1989; Todd, above n 34, at 854 and 887.
38 Tax Administration Act 1994, ss 81-89.
39 Public Trust Act 2001, s 34.
40 Copyright Act 1994, ss 120-121.

Jason Mitchell
6
2 Territorial privacy
Territorial privacy is concerned with the interest in controlling entry into one’s personal space.41 Until
recently, there was no privacy-specific protection of this interest. Actions based on property rights, like
trespass and nuisance, provide territorial privacy protection where there has been an unlawful entry or a
substantial and unreasonable interference with the enjoyment of the land.42 The damages awarded may
even expressly include compensation for an invasion of privacy.43 However, these fail to protect against
intrusions where the plaintiff has no property right or possessory interest in the land as well as intrusions
that are intangible, such as eavesdropping that, with the use of technology, does not take place on the
land.44
There is also some statutory protection of territorial privacy. The Crimes Act 1961 prohibits the use of
listening devices to monitor private conversations,45 and the Summary Offences Act 1981 makes it an
offence to peep or peer into a dwellinghouse by night.46 Unfortunately, these are criminal offences so a
plaintiff would have to argue for damages for a breach of statutory duty. In addition, the New Zealand
Bill of Rights Act 1990 protects against the unreasonable search and seizure of one’s property, but this
applies only to the actions of the public sector.47
As above, these sources are inadequate. The tortious protection fails to recognise territorial privacy as an
interest in its own right, with its focus instead being on the plaintiff’s relationship to the land, and the
statutes are unlikely to provide meaningful remedy. While the intrusion tort could provide better
coverage, it is currently untested and, therefore, its existence and elements remain unsure.
3 Bodily or physical privacy
Bodily or physical privacy involves the interest in freedom from interference with one’s person or body.48
Bodily privacy invasions were traditionally protected by civil and criminal actions such as assault, battery
or negligence.49 However, the focus of damages was merely on the physical harm suffered. There is also
42 Laws of New Zealand Tort (online ed) at [187]-[188].
43 Ramsay v Cooke [1984] 2 NZLR 680 (HC) at 687.
44 Craig, above n 18, at 385.
45 Crimes Act 1961, s 216B.
46 Summary Offences Act 1981, s 30.
47 New Zealand Bill of Rights Act 1990, ss 3 and 21.
49 See, for example, Crimes Act, s 196.

Jason Mitchell
7
specific statutory protection against the making of non-consensual visual recordings under the Crimes
Act,50 and against unreasonable search and seizure of the person by the public sector under the New
Zealand Bill of Rights Act.51 Therefore, the intrusion tort could significantly expand the scope of legal
protection of bodily privacy by focusing on the spiritual harm suffered. Those who are subjected to
harassment or stalking would particularly benefit.52
As for the non-consensual appropriation of one’s image, voice, name or other distinguishing personal
characteristic, the tort of passing off provides some protection.53 However, this is merely incidental
because the tort applies only where the characteristic has been used in the course of trade. It also protects
something more akin to a property right than a personal one. There is currently no privacy-specific
protection in this area.54
4 Communications and surveillance privacy
Communications and surveillance privacy concerns the interest in freedom from surveillance, and from
the monitoring or interception of one’s communications, for example, an unauthorised taping of one’s
telephone line.55 As stated above, the Crimes Act 1961 prohibits the use of listening devices to monitor
private conversations.56 In addition, the Postal Services Act 1998 makes it an offence to open a letter
addressed to someone else.57 However, again, these are criminal offences and thus provide inadequate
civil remedies. Moreover, they do not offer complete coverage of communications and surveillance
privacy. In 2007, the Law Commission acknowledged the lack of common law protection against non-
trespassory surveillance.58 The intrusion tort is promising but the second element, as expressed in
Holland, would need to be extended.
5 Attentional privacy
Attentional privacy covers the interest in excluding intrusions that force one to direct attention to them
as opposed to matters of one’s own choosing, such as the repetitive calling of one’s phone or spamming
50 Section 216H.
51 Section 21.
52 Craig, above n 18, at 385-386.
54 The disclosure tort provides no protection as personal characteristics are not private facts.
56 Section 216B.
57 Postal Services Act 1998, s 23.
58 Law Commission Search and Surveillance Powers (NZLC R97, 2007) at 313.

Jason Mitchell
8
one’s email address.59 The Harassment Act 1997 provides civil remedies for harassing conduct which
causes distress.60 Many of the acts which amount to harassment under s 4 of the Act would also cause
intrusions upon attentional privacy. The tort of nuisance may also provide some protection here, but only
to a plaintiff who has a possessory interest in the land on which the interference takes place. As above,
the intrusion tort would need to be extended to apply here.
6 Decisional privacy
Decisional privacy involves one’s “right to choose” and ability to decide on lifestyle, sexual orientation
and other personal matters without undue influence, such as whether to abort a pregnancy.61 Included
within this is the right to be free from the monitoring of one’s associations. This aspect of privacy has
been criticised for really being a matter of autonomy and liberty rather than privacy. Regardless,
invasions of decisional privacy occur almost solely between an individual and the state and are thus
beyond the focus of this paper.
7 Summary
Currently, the protection given to privacy in New Zealand is inadequate. We have some statutory
protection but only in very specific areas. Moreover, this protection is often lacking in remedial support
and, where a remedy is available, it is often difficult to obtain. The common law protection which is not
privacy-specific provides a remedy only where the plaintiff can establish requirements which are
irrelevant to establishing whether his or her privacy has been invaded. Furthermore, the privacy invasion
is merely a subsidiary factor and so the remedy given may not take the privacy interest into account. The
two privacy torts, although more promising, are still uncertain. The disclosure tort is also not broad
enough to encompass all privacy exposures, such as the appropriation of one’s name or likeness, and the
intrusion tort has not been extended to all types of privacy intrusions. These gaps result in inconsistent
protection of equally deserving privacy claims.
Therefore, a review of privacy law is required. This must include consideration of whether it is possible
to provide broad and comprehensive coverage through separate and specific protection of different
privacy aspects, or whether a general right of privacy would be a better approach. However, the first step
in a review of privacy must be to examine the concept of privacy and the interests behind it.
59 Australian Law Reform Commission Privacy (ALRC R22, Vol 1, 1983) at 22.
60 Harassment Act 1997, s 16.

Jason Mitchell
9
III The Concept of Privacy
As alluded to above, privacy is notoriously difficult to conceptualise. In this Part we will seek to
summarise, analyse and critique the various attempts at a conception of privacy. Having an accurate and
workable conception of privacy is crucial to identifying the best way to protect it. The following theories
can be split into three broad categories: coherentism, reductionism and pragmatism.
A Coherentism
The traditional method used to conceptualise privacy involves attempting to identify the core or essence
of privacy: the common denominator to the aspects of life that we consider to be private. Theorists who
use this method can be described as coherentists. Although those in this category acknowledge that
privacy manifests itself differently in different situations, they argue that there is something unique about
privacy claims that distinguish them from other claims which may also have a privacy element.62 They
also believe that this unique common denominator can be used to identify privacy in its various
manifestations. Coherentists thus conclude that this common denominator should form the basis of a
separate privacy tort, specifically designed to protect the privacy interest.
1 Right to be let alone
The best-known definition of privacy is probably the “right to be let alone”. This phrase was first used
by Judge Cooley, albeit to explain that attempted physical touching was a tort injury. It was then adopted
by Warren and Brandeis in their seminal article which recognises a right of privacy.63 Although the
primary focus of their article is on invasions of privacy by newspapers only, Brandeis J, dissenting in the
United States Supreme Court almost 40 years later, uses the phrase again in a state intrusion case.64 He
then describes the right as “the most comprehensive of rights and the right most valued by civilized men.”
Brandeis J’s formulation has since been invoked on numerous occasions by the American courts.65
Despite its popularity, neither the phrase nor the article expressly provide us with a real coherent
conception of privacy. In reality, the purpose of the article was to “explore the roots of a right to privacy
62 Penk and Tobin, above n 13, at 13-14.
63 Warren and Brandeis, above n 8, at 195.
64 Olmstead v United States (1928) 277 US 438 (SC) at 478.
65 See, for example, Katz v United States (1967) 389 US 347 (SC) at 350; Stanley v Georgia (1969) 394 US 557 (SC) at 564;
and Eisenstadt v Baird (1972) 405 US 438 (SC) at 454.

Jason Mitchell
10
in the common law and explain how such a right could develop” rather than to create a conception of
privacy.66 It acts as the foundation upon which other coherent conceptions have been created.
However, the phrase does suggest the existence of an intrusion-free sphere involving territorial privacy
and freedom from attention more generally, which includes the right to make decisions and conduct one’s
life without undue interference.67 Fortas J describes it as the right “to live one’s life as one chooses, free
from assault, intrusion or invasion except as they can be justified by the clear needs of community”. 68
Douglas J observes that it also includes one’s right to plan his or her own affairs outside areas of plainly
harmful conduct.69 The common denominator among these descriptions could be described as a principle
of “non-interference”.70 This conception protects individual liberty: in particular, one’s ability to
withdraw from society and to choose whether to associate with others.71 It thus contains elements of the
conceptions of privacy as limited-access to the self and as control, both of which will be discussed below.
Warren and Brandeis also expressly state that privacy over personal information is protected by the
principle of an “inviolate personality.”72 They argue that this is to be distinguished from proprietary or
property interests, and is instead a personal or dignitary interest,73 which forms a “part of the more general
right to the immunity of the person – the right to one’s personality.”74 The nature of the harm which the
right to privacy seeks to protect against is the mental pain and distress caused by privacy invasions. 75
Therefore, the notion that privacy rests on the principle of the inviolate personality can be linked to
conceptions based on personhood which are discussed below.
The main criticism of conceptualising privacy as the right to be let alone is that it is too broad and vague.
Anita Allen explains that:76
If privacy simply meant “being let alone”, any form of offensive or harmful conduct directed toward another
person could be characterized as a violation of personal privacy. A punch in the nose would be a privacy invasion
as much as a peep in the bedroom.
68 Time Inc v Hill (1967) 385 US 374 (SC) at 413.
69 Doe v Bolton (1973) 410 US 179 (SC) at 213.
70 Lee Bygrave Data Protection Law: Approaching its Rationale, Logic and Limits (Kluwer Law International, The Hague,
2002) at 128.
71 Joel Reidenberg “Resolving Conflicting International Data Privacy Rules in Cyberspace” (2000) 52 Stan L Rev 1315 at
1343.
72 At 205.
73 At 200-201, 204 and 213.
74 At 207.
75 At 196-197.
76 Anita Allen Uneasy Access: Privacy for Women in a Free Society (Rowman & Littlefield, Totowa, 1988) at 7.

Jason Mitchell
11
Most human interactions that would not be considered offensive or harmful fall under the category of
failing to let someone alone. It is only truly possible for one to be let alone if he or she lives in complete
isolation from society. Furthermore, if we consider privacy from the perspective of non-interference, it
provides no guidance in understanding situations where there are calls for state interference to protect
privacy against invasions by other individuals or corporations.77 Alternatively, when considered from the
perspective of the inviolate personality, it fails to assist in identifying where and how privacy should
apply.78 It merely describes an attribute or part of the value of privacy. This issue will be considered in
more detail below.
While Warren and Brandeis’ article was extremely influential, it should be considered only as a footing
for the development of other conceptions of privacy rather than a complete conception in itself.
2 Limited-access to the self
A number of conceptions can be categorised under the heading of privacy as limited-access to the self.
These theories all recognise one’s need “for concealment and for being apart from others.”79 However,
we must be careful not to equate them with solitude. Although solitude forms part of the conceptions of
privacy as limited-access, they extend to multiple types of interferences and intrusions by the state and
private persons.
Edwin Godkin, an early limited-access theorist, argues that privacy constitutes the “right to decide how
much knowledge of [a person’s] personal thought and feeling…private doings and affairs…the public at
large shall have”.80 Alan Westin defines privacy as, inter alia, “the voluntary and temporary withdrawal
of a person from the general society through physical or psychological means”.81 According to Hyman
Gross, privacy is “the condition of human life in which acquaintance with a person or with affairs of his
life which are personal to him is limited.”82 David O’Brien understands privacy as “fundamentally
denoting an existential condition of limited access to an individual’s life experiences and engagements”,
claiming that privacy should not be considered in terms of control over such access because some privacy
77 Gavison, above n 5, at 438.
78 Solove, above n 3, at 1101-1102.
79 Solove, above n 3, at 1102-1103.
80 Edwin Godkin “The Rights of the Citizen: IV – To His Own Reputation” Scribner’s Magazine (New York, July 1890) at
65.
81 Westin, above n 2, at 7.
82 Hyman Gross “The Concept of Privacy” (1967) 42 NYU L Rev 34 at 35-36.

Jason Mitchell
12
is accidental, compulsory or involuntary.83 Sissela Bok conceives of privacy as “the condition of being
protected from unwanted access by others – either physical access, personal information, or attention.”84
A key problem with all of the above conceptions is that they fail to provide an approach to determining
what matters are private and, as such, they are too vague.85 Furthermore, they offer no guidance as to
when the degree of access constitutes an unreasonable infringement of privacy. Not all instances of access
to the self can be regarded as privacy violations. The consequence is that these conceptions are also too
broad.
Ruth Gavison attempts to address these deficiencies with a more detailed conception of privacy. Firstly,
she defines privacy as “a limitation of others’ access to an individual.”86 Secondly, she holds that an
individual is in a state of “perfect privacy when he is completely inaccessible to others.”87 Finally, she
adds what she believes are the three irreducible and independent yet interrelated components of privacy:
(1) secrecy (the limitation of information known about X); (2) anonymity (the limitation of attention paid
to X); and (3) solitude (the limitation of physical access to X). Therefore, a loss of privacy occurs when
others obtain information about, pay attention to, or gain access to an individual.
Gavison’s conception of privacy has been criticised for being both too broad and too narrow. It is too
broad because if we treat a loss of privacy as gaining any information about, paying any attention to, or
gaining any physical access to an individual, the concept loses its intuitive meaning.88 It is also too narrow
because, in trying to avoid the vagueness of other limited-access conceptions, the three components of
privacy exclude some aspects of privacy including decisional privacy,89 and the forms of information
gathering which do not “reveal secrets, destroy anonymity, or thwart solitude.”90
Gavison’s theory, along with other limited-access conceptions to varying degrees, has also been criticised
for overlooking an individual’s power to choose to reveal personal aspects of him or herself to others.91
They fail to adequately describe the workings of privacy in an individual’s relationship with society.
83 David O’Brien Privacy, Law, and Public Policy (Praeger, New York, 1979) at 15-16.
84 Sissela Bok Secrets: On the Ethics of Concealment and Revelation (Pantheon Books, New York, 1982) at 10-11.
86 Gavison, above n 5, at 428-429 and 433-436.
87 Gavison acknowledges that existing in a state of perfect privacy would be impossible and undesirable.She is merely setting
up a boundary on a privacy continuum.
88 Raymond Wacks Personal Information: Privacy and the Law (Clarendon Press, Oxford, 1989) at 16-18.
89 Gavison recognises that some practices which would commonly be considered to be aspects of privacy are excluded from
her theory.

Jason Mitchell
13
Nicole Moreham deals with this shortcoming through the inclusion of the element of “desire” within her
conception. She defines privacy as:92
[T]he state of “desired ‘inaccess’” or as “freedom from unwanted access”…a person will be in a state of privacy
if he or she is only seen, heard, touched or found out about if, and to the extent that, he or she wants to be seen,
heard, touched orfound out about.Something is therefore “private” if a person has a desire for privacy in relation
to it.
Tipping J also includes this element within his definition of privacy as, inter alia, “the right to have people
leave you alone if you do not want some aspect of your personal life to become public property”.93 Under
these theories, aloneness constitutes privacy only where it is chosen or desired and there is no interference
with the privacy of an individual who willingly reveals a personal aspect of him or herself to another.
Unfortunately, while desire acts as an important “limiting or controlling factor”,94 it may be too
individual and subjective for legal application.95
3 Control
Another set of conceptions can be grouped under privacy as control. These theories recognise that a
definition of privacy requires the addition of an element of control over access to the self and can thus
be considered a subgroup of the limited-access conception. This is evidenced by Charles Fried who
argues that privacy “is not simply an absence of information about us in the minds of others; rather it is
the control we have over information about ourselves.”96
Along with Fried, most of the theorists within this group focus on privacy as control over personal
information. Adam Breckenridge defines privacy simply as, inter alia, “the individual’s right to control
dissemination of information about himself”.97 Arthur Miller states that “the basic attribute of an effective
right of privacy is the individual’s ability to control the circulation of information relating to him”.98 Alan
Westin conceives of privacy as, inter alia, “the claim of individuals, groups, or institutions to determine
for themselves when, how, and to what extent information about them is communicated to others.”99
92 Nicole Moreham “Privacy in the Common Law: A Doctrinal and Theoretical Analysis ” (2005) 121 LQR 628 at 636-637.
93 Hosking v Runting, above n 11, at [238].
94 Wacks, above n 88, at 18.
95 Moreham, above n 92, at 643-644.
96 Fried, above n 6, at 482.
97 Adam Breckenridge The Right to Privacy (University of Nebraska Press, Lincoln, 1970) at 1.
98 Arthur Miller The Assault on Privacy: Computers, Data Banks, and Dossiers (University of Michigan Press, Ann Arbor,
1971) at 25.

Jason Mitchell
14
According to Gavin Phillipson, privacy is “in essence, informational autonomy, that is, the individual’s
interest in controlling the flow of personal information about [him or] herself.”100
The first issue with most of these conceptions is that they fail to define the types of information that a
privacy right would give individuals control over.101 Without this, they appear to protect all information
over which individuals want to retain control.102 As a consequence, they are too vague and likely too
broad. However, attempts have been made to restrict the category of personal information over which
individuals should be able to exert control. Fried links his definition of privacy with the values of
“respect, love, friendship and trust”,103 and accordingly, his use of “information” can be limited to that
which is needed to form and foster relationships which involve these values.104 This effectively means
“intimate” information.105 Unfortunately, this is too narrow because it omits information which is
commonly regarded as private such as financial records.106 Alternatively, Richard Murphy restricts
personal information to “any data about an individual that is identifiable to that individual”.107 However,
this is too broad because society does not deem all information identifiable to an individual to be private,
such as one’s occupation.108 It would seem that “personal information” may be just as difficult to define
as “privacy”.
Furthermore, even if a sufficient definition of personal information was possible, the second issue with
these conceptions is that they fail to account for other aspects of privacy.109 With their limited focus on
the disclosure and non-disclosure of information, they exclude, for example: decisional privacy, one’s
“freedom to engage in private activities”, and intrusions by nuisances that disrupt one’s peace of mind.110
Additionally, surveillance which does not gain any information would still be commonly regarded as an
invasion of privacy.111 Therefore, any conception which reduces privacy to informational concerns must
be too narrow.
100 Gavin Phillipson “Transforming Breach of Confidence? Towards a Common Law Right of Privacy under the Human
Rights Act” (2003) 66 Mod LR 726 at 732.
102 See Tom Gerety “Redefining Privacy” (1977) 12 Harv CR-CL L Rev 233 at 262, where he argues that Westin’s conception
“on its face includes all control over all information about oneself”.
103 At 477.
105 The content of “intimate” information will be discussed in further detail below.
106 Judith DeCew In Pursuit of Privacy: Law, Ethics, and the Rise of Technology (Cornell University Press, Ithaca, 1997) at
56.
107 Richard Murphy “Property Rights in Personal Information: An Economic Defense of Privacy” (1996) 84 Geo LJ 2381 at
2383.
108 Solove, above n 3, at 1111-1112.
109 DeCew, above n 106, at 2.
110 O’Brien, above n 83, at 14.
111 Judith DeCew “The Scope of Privacy in Law and Ethics” (1986) 5 Law and Philosophy 145 at 154-158.

Jason Mitchell
15
Some theorists have avoided this problem by conceptualising privacy as control over access more
generally.112 Richard Parker defines privacy as “control over when and by whom the various parts of us
can be sensed by others.”113 Parker also states that “control over who can see us, hear us, touch us, smell
us, and taste us…is the core of the concept of privacy.” Judith DeCew believes that control is the key
factor to what she sees as the three types of privacy claims “concerning information about oneself,
physical access to oneself, and [interference with one’s] decision making”.114 According to Julie Inness,
privacy is “having control over intimate decisions, including decisions about access, information, and
[one’s] actions.”115 Stephen Todd conceives of privacy as, inter alia, the exercise of “a measure of control
over relationships with others”.116 This includes control over the availability to others of one’s
correspondence, communications and activities, as well as information about oneself.
While these conceptions avoid the difficulties of defining personal information, they fail to adequately
define what one can exercise control over. Parker’s definition is too broad because it effectively makes
the majority of the interpersonal contact that takes place in society an invasion of privacy, despite it
frequently not being perceived as such, because it brings unwanted access to the self.117 DeCew and
Inness’ theories also suffer the same problem, along with issues in defining the scope of personal
information and interferences with decision making. Inness’ theory is also too narrow as privacy concerns
are implicated in a wider range of decisions than merely those which are intimate. Todd’s conception is
too vague because he does not describe or narrow down what is meant by “a measure of control”.
Additionally, all theories based on privacy as control have failed to give a workable explanation of what
is meant by “control”. Some omit to expand upon this at all. Many information-based control theories
see personal information as the property of the individual to whom it relates.118 This can be justified by
viewing this information as an extension of our individual personalities which, according to individualist
theory, is owned by the individual.119 However, this extension creates problems. As Daniel Solove
recognises:120
112 It could be argued that these theorists have simply defined personalinformation very broadly. However, this seems to be
misleading because their definitions extend well beyond the boundaries of what would ordinarily be considered as personal
information.
113 Richard Parker “A Definition of Privacy” (1974) 27 Rutgers L Rev 275 at 280-281.
115 Julie Inness Privacy, Intimacy and Isolation (Oxford University Press, New York, 1992) at 91.
116 Todd, above n 34, at 846.
118 See, for example, Westin, above n 2, at 324.
119 Edward Shils “Privacy: Its Constitution and Vicissitudes” (1966) 31 Law & Contemp Probs 281 at 290.
120 Solove, above n 3, at 1112-1113.

Jason Mitchell
16
Information can be easily transmitted, and once known by others, cannot be eradicated from their minds. Unlike
physical objects, information can be possessed simultaneously within the minds of millions… Personal
information is often formed in relationships with others,with all parties to that relationship having some claim to
that information.
Consequently, a claim of privacy cannot be a claim of ownership. The final criticism of conceptions of
privacy as control is that control cannot be the sole factor in determining all the aspects of life that we
consider to be private. Control places too much emphasis on individual choice. These theories presume
that “privacy is something to be protected at the discretion of the individual to whom the information
relates.”121 However, privacy is not only a matter of individual prerogative; it is also determined by what
society decides should be protected.122 That said, a conception of privacy should include some element
of one’s interest in selectively allowing access to the self. An individual’s privacy may also be invaded
without that individual making any choice.123 For example, in the case of a flasher, the flasher controls
visual access to his or her body, and yet it is the privacy of onlookers which is violated. Furthermore, an
individual may lose control over access to the self without access actually being gained.124 If an internet
hacker has the technical ability to access our emails, we lose control over access to our personal
information, but there is no privacy invasion unless and until the hacker actually does so. Therefore, all
conceptions that define privacy as control, even over access generally, are still too narrow.
4 Personhood
The final group of coherent theories can be described as personhood conceptions. These conceptions
differ from limited-access and control conceptions in that they are constructed around the values that
privacy protects rather than around what privacy actually is. Both Gross and O’Brien criticise personhood
conceptions for only telling us why we value privacy and failing to explain how we should protect it.125
As a result, they are often combined with the other conceptions to explain what privacy should protect,
how these things should be protected, and why privacy is important. Personhood conceptions can be split
into two categories: (1) human dignity, autonomy and individuality; and (2) intimacy.
121 Ferdinand Schoeman “Privacy: Philosophical Dimensions of the Literature” in Philosophical Dimensions of Privacy: An
Anthology (Cambridge University Press, Cambridge, 1984) 1 at 3.
122 Solove, above n 3, at 1111 and 1115.
123 Daniel Farber “Book Review: Privacy, Intimacy, and Isolation by Julie C Inness” (1993) 10 Const Comment 510 at 514-
515.
124 Moreham, above n 92, at 638.
125 Gross, above n 82, at 53; O’Brien, above n 83, at 9.

Jason Mitchell
17
(a) Human dignity, autonomy and individuality
The first category of personhood conceptions focuses on the protection of dignity, autonomy and
individuality. Edward Bloustein builds his theory upon the foundation of Warren and Brandeis’ principle
of an inviolate personality, which he believes “defines man’s essence as a unique and self-determining
being.”126 From this, he argues that privacy protects against conduct that is demeaning to individuality,
an affront to personal dignity or an assault on human personality.127 According to Stanley Benn, privacy
amounts to “respect for someone as a person, as a chooser…as one engaged on a kind of self-creative
enterprise, which could be disrupted, distorted, or frustrated even by so limited an intrusion as
watching.”128 He argues that when an individual is the focus of another’s scrutiny and attention, he or
she “becomes aware of himself [or herself] as an object, knowable, having a determinate character”,
which results in the individual being “fixed as something – with limited probabilities rather than infinite,
indeterminate possibilities.”129 In other words, an invasion of privacy limits one’s freedom and capacity
to choose. Similarly, John Craig understands privacy as “a condition or state that provides the individual
with a retreat from the conformist pressures of social norms”, which “protects the individual from
interferences in the personal decision-making process.”130 He believes that privacy is essential to the
promotion of individualism, autonomy and independence.
These conceptions have been subject to a number of criticisms. They are too vague because they fail to
adequately define the scope or nature of the terms used such as “personhood”, “dignity”, “individuality”
and “freedom”.131 They are also too narrow because there are other interests which privacy seeks to
protect.132 For example, one’s bank account details are protected by privacy, not for the purposes of his
or her dignity, but rather for his or her protection financially and against identity theft. Furthermore, they
are too broad because “there are ways to offend dignity and personality that have nothing to do with
privacy.”133 Bloustein recognises that there are other torts which involve interferences with dignity and
individuality, but argues that privacy invasions can be distinguished by the character of the
interference.134 However, although he gives examples, he does not provide an explanation of the nature
126 Bloustein, above n 15, at 971.
127 At 973-974.
128 Stanley Benn “Privacy, Freedom, and Respect for Persons” in Roland Pennock and John Chapman (eds) Nomos XIII:
Privacy (Atherton Press, New York, 1971) 1 at 26.
129 At 7.
130 Craig, above n 18, at 360-361.
132 John Burrows “Invasion of Privacy – Hosking and Beyond” [2006] NZ L Rev 389 at 390.
133 Gavison, above n 5, at 438.

Jason Mitchell
18
of interference required. They are also too broad because our personalities are not entirely private.135 For
example, an artist may display a painting in a public gallery despite it being an expression of the deepest
recesses of his existence. Finally, some argue that these conceptions confuse liberty and autonomy with
privacy when they are actually separate values.136 Conversely, DeCew contends that privacy need not be
considered as totally exclusive from liberty and autonomy because different values can overlap.137
(b) Intimacy
The second category of personhood conceptions takes a different and more specific focus, namely the
development of intimate personal relationships. Robert Gerstein argues that “intimate relationships
simply could not exist if we did not continue to insist on privacy for them.”138 Similarly, James Rachels
believes that:139
[T]here is a close connection between ourability to control who has access to us and to information about us,and
our ability to create and maintain different sorts of social relationships with different people.
In general, intimacy-based conceptions of privacy use a definition of intimacy in an attempt to define the
aspects of life to which we should be able to restrict access and the information that we should be able to
control or keep secret.
Tom Gerety conceives of privacy as a form of limited-access to the self with intimacy acting as the “chief
restricting concept” in its definition.140 He defines intimacy as “the consciousness of the mind in its
access to its own and other bodies and minds, insofar, at least, as these are…secluded from the access of
the uninvited.”141 In other words, he sees privacy as limiting access to those matters which are intimate
to oneself as per his definition of intimacy. Unfortunately, this definition does not provide adequate scope
or content to his concept of privacy.142 Although he tries to develop the definition further,143 his use of
terms like “identity” and “autonomy” are too broad as they could apply to almost all of one’s actions and
decisions.
136 See, for example, Michael Sandel Democracy’s Discontent:America in Search of a Public Philosophy (Harvard University
Press, Cambridge, 1996) at 93.
138 Robert Gerstein “Intimacy and Privacy” in Schoeman, above n 121, 265 at 265.
139 James Rachels “Why Privacy is Important” in Schoeman, above n 121, 290 at 292.
140 Gerety, above n 102, at 263.
141 At 268.
143 At 274.

Jason Mitchell
19
As discussed above, Fried considers privacy as a form of control over information about the self and uses
the concept of intimacy to restrict the scope of information that one should have control over. He states
that:144
Intimacy is the sharing of information about one’s actions,beliefs or emotions which one does not share with all,
and which one has the right not to share with anyone. By conferring this right, privacy creates the moral capital
which we spend in friendship and love.
Privacy thus gives control over the information needed to form and foster relationships of “respect, love,
friendship and trust”.145 Through the ability to share differing amounts of information, privacy allows us
to maintain the different levels of intimacy that we desire in each of our varied relationships.146 Jeff
Reiman criticises this approach for merely defining intimate information as scarce information that
individuals only want to reveal selectively, without explaining what makes a particular relationship
intimate.147 It omits “the context of caring which makes the sharing of personal information significant.”
The ability to love and care for others transcends the mere sharing of secrets.
As also already discussed, Inness sees privacy as a form of control over intimate decisions. She defines
intimate matters and acts as those that draw “their value and meaning from the agent’s love, care, or
liking.”148 Accordingly, privacy is:149
[T]he state ofthe agent having control over decisions concerning matters that draw their meaning and value from
the agent’s love, caring or liking. These decisions cover choices on the agent’s part about access to herself, the
dissemination of information about herself, and her actions.
Her explanation of the scope of intimacy is superior because it is defined in terms of motives rather than
behaviours. Intimacy does not stem from particular forms of behaviour in themselves, but rather from
the motives behind that behaviour.150 Furthermore, whether behaviours are considered intimate or not
changes over time and varies across cultures. However, despite these improvements, this definition still
excludes some intimate matters. For example, many sexual relationships are devoid of love, care or
liking, and relationships between ex-spouses or siblings may be characterised by hatred.151 Even if these
144 Fried, above n 6, at 484.
145 At 477.
146 At 485.
147 Jeff Reiman “Privacy, Intimacy, and Personhood” in Schoeman, above n 121, 300 at 304-306.
148 Inness, above n 115, at 78.
149 At 91.
151 Farber, above n 123, at 515.

Jason Mitchell
20
relationships were categorised as non-intimate, they must still be considered to be private. Therefore,
Inness’ conception must be too narrow.
Moreover, Inness’ conception still suffers from a number of the flaws that are also present in other
intimacy-based conceptions. Although these conceptions identify some important values that privacy
protects and makes possible, they are too narrow because they omit many private matters that do not
involve intimate relationships, such as one’s financial information.152 Individuals may be in a non-
intimate relationship and still claim that their relation or activity is private, for instance: business partners,
or a psychiatrist and his patients.153 Privacy as intimacy also fails to “capture the dimension of private
life that is devoted to the self alone.”154 Finally, these conceptions do not account for the fact that, in
some circumstances, high levels of intimacy may “suffocate privacy” rather than facilitate it.155
B Reductionism
All attempts at a coherent conception of privacy have, to this point, been unsatisfactory. To settle upon
any one approach as the foundation for a tort of invasion of privacy would result in an overly vague,
broad or narrow scope of protection. These difficulties have led to some theorists taking a reductionist
approach to conceptualising privacy.
The strongest form of reductionism claims that these difficulties result from the fact that privacy is not
distinct and can be reduced to claims about other interests, many of which are already addressed by
current law.156 According to Judith Thomson, the right to privacy is actually a cluster of rights and it is
unclear what belongs in this cluster.157 She argues that there is no need to determine the common
denominator of the rights in this cluster, or its boundaries, because these rights all belong to some other
cluster. In other words, she believes that the right to privacy is “overlapped by other rights”,158 to the
extent that “it is possible to explain in the case of each right in the cluster how come we have it without
ever once mentioning the right to privacy.”159
153 WL Weinstein “The Private and the Free: A Conceptual Inquiry” in Pennock and Chapman, above n 128, 27 at 33.
155 Brett Mason Privacy Without Principle:The Use and Abuse of Privacy in Australian Law and Public Policy (Australian
Scholarly Publishing, Melbourne, 2006) at 69.
157 Judith Thomson “The Right to Privacy” (1975) 4 Philosophy and Public Affairs 295 at 313.
158 At 310.
159 At 313.

Jason Mitchell
21
This form of reductionism is criticised on three grounds. Firstly, it does not justify its assumption that
privacy derives from other more primary conceptions rather than the reverse.160 Secondly, even if the
right to privacy is derivative, it could still form a coherent cluster which might help in determining the
appropriate amount of protection that the rights in this cluster are worthy of.161 Including a privacy
analysis in resolving problems which implicate privacy should “reveal certain dimensions of experience
that are not displayed in the same way by other conceptions.”162 Finally, Thomson’s theory relies on
overly broad conceptions of personal and property rights.163 For example, her concept of “the right over
the person” includes “the right to not be looked at and the right to not be listened to”.
Weaker forms of reductionism also exist which, despite arguing that there is no common denominator
between the cluster of privacy rights, acknowledge that these rights manifest themselves in discrete and
unique ways and require separate protection. William Prosser claims that the law of privacy consists of
four kinds of invasion, each of which are “tied together by the common name, but otherwise have almost
nothing in common”.164 In considering the interests implicated by the four categories of invasion, he
argues that: (1) in an intrusion upon one’s seclusion or solitude, the wrong committed is the intentional
infliction of emotional distress; (2) the public disclosure of private facts about one results in injury to
reputation; (3) placing one in a false light in the public eye also damages reputation; and (4) an
appropriation of one’s name or likeness offends a proprietary interest.165
Bloustein, while accepting that privacy invasions can take multiple forms, strongly disagrees with
Prosser’s identification of the interests implicated by each invasion.166 He argues that in all four
categories identified above, the interest to be protected is one’s dignity and individuality.167 Gavison
speaks of the “poverty of reductionism”, arguing against reductionist accounts like Prosser’s because
they undermine our belief in privacy’s role as a central value in society.168 It is generally accepted that
there is something unique and separate about privacy, even if it is difficult to conceptualise.169
Furthermore, there is a danger that reducing privacy invasions into separate categories will not cover
different and new manifestations of privacy invasion, and condemn the law to being static.
161 Reiman, above n 147, at 301.
163 David Lindsay “An Exploration of the Conceptual Basis of Privacy and the Implications for the Future of Australian
Privacy Law” (2005) 29 Melb U LR 131 at 145.
164 William Prosser “Privacy” (1960) 48 Cal L Rev 383 at 389.
165 At 422.
167 At 972-993 and 1003.
168 Gavison, above n 5, at 460 and 467.

Jason Mitchell
22
C Pragmatism
Upon reviewing the theories above, Solove presents a third approach to conceptualising privacy.170 His
pragmatic conception of privacy, like reductionist accounts, abandons the search for the common
denominator to all privacy claims. He claims that this quest for clarity has actually resulted in confusion
because a single overarching concept cannot apply to the multitude of situations and problems involving
privacy.171 Instead, he suggests that we need a conception of privacy that is adaptive to not only different
manifestations of privacy, but also varying social, historical and technological contexts.172 This is not to
say that he believes that the coherent conceptions are devoid of merit.173 In fact, he believes that they
contain profound insights about privacy and take on varying degrees of appropriateness and importance
depending on the context of the privacy claim. However, as already shown, each suffer from significant
limitations which preclude them from serving as the foundation of general privacy law.
Therefore, given the futility of determining the essence of privacy, Solove proposes that we conceptualise
privacy in terms of Ludwig Wittgenstein’s notion of “family resemblances”.174 Wittgenstein explains
that “certain concepts might not share one common characteristic; rather they draw from a common pool
of similar characteristics, ‘a complicated network of similarities overlapping and criss-crossing’”.175 The
boundaries of these concepts are not necessarily fixed, and may be blurred and constantly changing.176
Solove argues that using these ideas to conceptualise privacy may provide greater clarity.
To put Wittgenstein’s theory into practice and understand the privacy concept as a complicated network,
Solove advocates a pragmatic approach in which we “focus more concretely on the various forms of
privacy and recognise their similarities and differences.”177 This requires a bottom-up approach to
conceptualising privacy, examining problems in their specific contexts, rather than in the abstract, trying
to fit them into predetermined categories.178. Solove sees privacy invasions as a “web of interconnected
types of disruption of specific practices”.179 Therefore, we “should conceptualise privacy by focusing on
170 Solove, above n 3.
171 At 1099.
172 At 1146-1147.
173 At 1099.
174 At 1091. See Ludwig Wittgenstein Philosophische Untersuchungen (unpublished) (translated ed: Gertrude Anscombe
(translator) Ludwig Wittgenstein Philosophical Investigations (2nd ed, Basil Blackwell, Oxford, 1958)).
175 Solove, above n 3, at 1097; Wittgenstein, above n 174, at [66].
176 Wittgenstein, above n 174, at [71].
177 At 1126.
178 At 1092, 1128-1129 and 1154.
179 At 1130.

Jason Mitchell
23
the specific types of disruption and the specific practices disrupted”.180 By focusing on particular points
on the web for each claim, we can concentrate on the relevant detail without being overwhelmed by the
whole web. Solove also contends that privacy is a means for achieving other ends that are valuable, and
thus its value varies according to the context; depending on the purposes of the practices involved and
the importance of those purposes.181
Solove uses an example to demonstrate his theory.182 He considers disclosure, which is a form of
disruption, and its effects on two privacy practices: anonymity in authorship and concealing the identities
of rehabilitating criminals. One of the purposes of the first is to promote the unfettered expression of
ideas; a purpose of the second is to help past wrong-doers reform themselves and build new lives. If the
concealed identity of an author is revealed, or the past crimes of a criminal exposed, these practices are
disrupted. The value of privacy in each instance is based on the varying importance of each of these
purposes.
Finally, to determine the practices which the law should protect against disruptions, we should examine
the value of privacy in particular contexts.183 We must focus on privacy practices, and specifically, “the
nature of privacy in these practices, the role that privacy plays in these practices, and the ends that these
practices further.” Upon determining the value of privacy in a particular context, as well as understanding
what it is and its importance, it will enable us to balance it against conflicting values.
The main criticism of Solove’s pragmatic approach is that it provides no formula for establishing whether
there has actually been a privacy invasion or not.184 Moreover, a web of connected parts without a
common denominator could be considered to have endless boundaries. Therefore, one could argue that
it is both too vague and too broad. However, Solove argues that a “family resemblances” approach does
not preclude attempts at a definition and that his concept does have boundaries, although they can be
fuzzy and moving.185 Furthermore, one can draw fixed and sharp boundaries but only as a tool for special
purposes. Given his argument that privacy can only be understood as a part of particular practices, it
would be impossible for him to define the sum and substance of privacy in general. Instead, he seeks to
180 To clarify, by “disruption”, Solove means a kind of privacy invasion, and by “practices”, he is referring to the various
activities, customs, norms and traditions in which privacy is a dimension of.
181 At 1143-1146.
182 At 1130-1131.
183 At 1143.
184 Law Commission Privacy: Concepts and Issues (NZLC SP19, 2008) at 41.
185 At 1098.

Jason Mitchell
24
offer “guidance in identifying, analysing, and ascribing value to a set of related dimensions of
practices.”186
A subsidiary criticism of the approach is that it conceptualises privacy violations rather than privacy
itself.187 It provides little understanding of what it means to experience privacy. However, while this may
be true, the focus on disruptions of particular practices is well suited to legal attempts to prevent and
remedy invasions of privacy.
D Summary
As identified above, having an accurate and workable conception of privacy is crucial to identifying the
best way to protect it. Unfortunately, it appears impossible to identify a coherent and unique common
denominator that can be used to identify privacy in all its various manifestations. However, this does not
mean that privacy is meaningless. Nor does it mean that privacy is unworthy or incapable of protection.
The value and importance of privacy has been discussed throughout this paper, and it is possible to protect
against privacy violations by using a bottom-up approach which focuses on the various forms of privacy
and examines problems in their specific contexts. The consequence of this is that we cannot procure a
simple formulation of privacy.
IV Formulating a New Model
As discussed in Part II, in New Zealand, the response to privacy problems so far has been to protect
against specific violations using a variety of common law, equity and statute. However, this has led to
fragmented protection and inconsistent remedies between areas that are protected. If we continue down
this path, the status of privacy will remain uncertain and unduly complex. Its development in each area
is overly dependent on having the right case come before the right judge.
Instead, to provide coherence and consistency in privacy decisions, we must develop a sophisticated
framework that is capable of analysing all privacy claims. It must recognise the multitude of diverse
privacy concerns, address each privacy problem in a way that takes account of its specific facts and
context, and determine whether the claim is worthy of protection above other conflicting values.
Additionally, it must be capable of adapting to changes in our social and technological environment. A
model which attempts to satisfy all of these conditions will now be advanced.
186 At 1129.
187 Law Commission, above n 184, at 41.

Jason Mitchell
25
A Defining the New Model
In order to construct a model that can accommodate the diverse circumstances in which privacy may be
compromised, we must use a broad and general statement of privacy. Instead of a perfect definition, the
search is for one that is flexible enough for the judiciary to then apply to the specific circumstances of
any particular privacy problem.188 Such a statement can be found through an adaptation of Canadian
constitutional law. Using the privacy principles for applying s 8 of the Canadian Charter of Rights and
Freedoms,189 as laid out by the Supreme Court of Canada in Dyment,190 Craig devises a framework
consisting of three elements for analysing all common law privacy claims:191
(1) The plaintiff has a personal interest falling within one of the zones of privacy (a private object);
(2) The defendant has, intentionally or recklessly, acted in a manner which has compromised the private object (an
invasion of a private object); and
(3) In the circumstances, the invasion of the private object was unreasonable (an unreasonable invasion ofa private
object).
The model being advanced is based on this approach. Each element will now be expanded upon.
1 Zones of privacy and private objects
In Dyment, La Forest J identifies three zones of privacy: territorial, personal and informational.192 Within
each zone, there are numerous “private objects” or, to use Solove’s terminology, “private practices”. In
order to satisfy this element, a plaintiff must be able to identify a private object or practice falling within
a zone of privacy.
The territorial zone covers the interest in controlling entry into one’s personal space. Objects included in
this zone are places that are typically considered to be private, for example, one’s home, hotel room or
hospital room, or a stall in a public bathroom or a phone booth that one is occupying.193 The personal
zone encompasses the interest in freedom from interference with one’s person or body. It comprises of
objects such as one’s body, image, voice, name or attention. Finally, the informational zone covers the
188 A general and flexible definition can be beneficial for the development of the law. See, for example, the “neighbour
principle”, as articulated in Donoghue v Stevenson [1932] AC 562 (HL), which has formed the basis for the tort of negligence.
189 Canadian Charter of Rights and Freedoms, pt I of the Constitution Act 1982, being sch B to the Canada Act 1982 (UK),
1982, s 8.
190 R v Dyment [1988] 2 SCR 417.
192 At [19].
193 Craig, above n 18, at 381-382 and 384.

Jason Mitchell
26
interest in controlling private information and data about oneself that is held or used by others. This
includes objects such as one’s health, sexual orientation, diary, medical records and private
communications.
A claim may involve multiple objects and zones of privacy. For example, in Kaye, a tabloid journalist
entered the hospital room where an actor was undergoing treatment for injuries sustained in a car
accident, took photos of him and obtained details about his health.194 This invasion implicated all three
zones: his hospital room was a territorial object; the photos capturing his image involved a personal
object; and his medical details were an informational object.
2 Invasions of private objects
To satisfy this element, a plaintiff must show that the defendant has intentionally or recklessly invaded
or compromised the private object in a manner that would be considered substantially offensive to a
reasonable person. Invasions or, as Solove puts it, “disruptions” of private objects take a variety of forms.
They are clearly not all the same. There are connections and differences between each and it is important
to recognise this for each claim.195 Furthermore, not all violations cause immediate injury, instead
creating a risk of future injury which means they can be more difficult to identify.
Currently, privacy invasions and compromises can all be placed into three categories: intrusions,
publicity and data vulnerability. Some of the more important invasions that require attention in the
present social and technological environment will be examined below in Subpart B. However, this will
be a non-exhaustive list and each category will be capable of expansion if needed.
The requirement that the invasion or compromise be “substantially offensive” to a reasonable person acts
to eliminate trivial claims and protect only against invasions that cause real injury.196 Requiring a
substantial level of offence is more appropriate than a high level of offence because it fulfils these
objectives while maintaining more flexibility for justice.
194 Kaye v Robertson [1991] FSR 62 (CA).
195 Daniel Solove “A Taxonomy of Privacy” (2006) 154 U Pa L Rev 477 at 486-488.
196 Penk and Tobin, above n 13, at 352-353.

Jason Mitchell
27
3 Unreasonable invasions
In many cases, the type of invasion will already be an established one and it will be obvious that the
private object has been compromised. However, privacy cannot be an absolute right. For the third and
final element, the plaintiff must show that, in the circumstances, a reasonable person would have expected
to enjoy privacy. This acts as the controlling factor. It requires the court to identify and weigh the
plaintiff’s privacy interest against the competing interests of the defendant; the result will determine
whether there was an unreasonable invasion of a private object. This is a proportionality test: the greater
the plaintiff’s privacy interest, the greater the countervailing interest needs to be to justify the invasion.
The following is an overview of the application of this element. Discussion of the competing interests
implicated in specific privacy invasions will take place in Subpart B.
Therefore, the first step is to determine the value of the plaintiff’s privacy interest in the particular
context. Following Solove’s approach, we must focus on the particular privacy problem to determine the
social value in protecting against it.197 This involves consideration of the nature and importance of the
private object as well as the nature and severity of the invasion.198 To use an example, objects such as
sexual activities and medical records are very intimate in nature, and thus the value of the interest in
protecting against invasions upon these objects is high. Another factor to be considered here is whether
the plaintiff is a public figure. If so, because such persons seek to use publicity to their advantage, they
must also accept negative publicity. Therefore, a public figure’s reasonable expectation of privacy must
be reduced compared to that of ordinary citizens.
The second step is to consider the competing interests of the defendant and the circumstances supporting
his or her position which may justify the invasion of privacy. Often misleadingly referred to as
“defences”, the interests considered here really go to the heart of whether the plaintiff’s expectation of
privacy is reasonable. The two justifications most often raised are legitimate public concern and implied
consent.199
Legitimate public concern requires “an assessment of whether some societal [concern] supporting the
defendant’s invasion can outweigh the plaintiff’s individual interest in repelling the invasion.”200 It is
preferable to consider “public concern” rather than “public interest” because the latter appears to merely
197 Daniel Solove “‘I’ve Got Nothing to Hide’ and Other Misunderstandings ofPrivacy” (Public Law Research Paper, George
Washington University Law School, 2007) at 16.
199 Where the plaintiff has expressly given his or her consent, there can be no reasonable expectation of privacy.

Jason Mitchell
28
require the public’s curiosity or titillation which should never be substantial enough to outweigh a
plaintiff’s privacy.201 Public concern is most commonly raised in publicity invasion cases where the
defendant, who is usually a member of the media, invokes his or her right to freedom of expression over
the plaintiff’s right to privacy. There is much debate about the competing statuses of these two rights but,
in New Zealand, it would appear that neither outranks the other.202 Given this, we must avoid the
“newsworthiness” test that operates in the United States which effectively gives the media free reign to
publish whatever it deems fit. Other invasions which may be justified by the concern of the public include
surveillance, data aggregation and data exclusion.
Where public concern is raised, a court should have regard to two factors amongst others.203 The first is
the objective of the defendant, for instance, whether a publication of private facts was for the purpose of
education or merely commercial gain. The second is whether there was an alternative available to the
defendant which would have resulted in a less severe invasion, such as omitting irrelevant details which
would reduce exposure of the plaintiff’s private life.
Implied consent requires an assessment of whether, due to the plaintiff’s conduct and the context in which
the invasion occurred, he or she has impliedly consented to the invasion and thus cannot assert a
reasonable expectation of privacy. Where the defendant raises implied consent, it is crucial that the court
frames the issue correctly and does not take account of an irrelevant factor.204 For example, if a plaintiff
leaves a topless photograph of herself in the defendant’s coat who then shows it to his friends, the issue
is properly framed as whether she impliedly consented to him exhibiting the photo. The fact that she
posed for, and thus consented to, the photo being taken cannot be interpreted to mean that she impliedly
consented to it being exhibited.205 Furthermore, the court cannot equate the plaintiff’s knowledge of the
invasion with his or her implied consent to that invasion.206 For instance, if a plaintiff knows that a third
party could be monitoring his calls, it should not be taken as meaning that he impliedly consents to such
monitoring.
202 The relationship between the rights is further complicated by the fact that privacy is necessary for the free formulation of
views, ideas and attitudes which, in turn, is necessary for truly free expression. Both rights are essential to a democratic
society.
203 Craig, above n 18, at 392-393.
204 Craig, above n 18, at 398-399.
205 These were the facts in Milton v Savinkoff(1993) 18 CCLT (2d) 288 (BCSC), where the Court took this irrelevant factor
into account in concluding that the plaintiff impliedly consented to the invasion.
206 Craig, above n 18, at 395-396.

Jason Mitchell
29
The incorporation of a balancing test within the model may be criticised for creating uncertainty in the
application of the law. It can be difficult to find comparable units to balance against each other.207
However, our courts have successfully employed balancing tests when applying a number of our human
rights provisions and this experience could be carried over. Furthermore, judicial balancing has proven
to be viable in the privacy jurisprudence of civilian legal systems such as Germany.208 Specific guidelines
for each competing interest would need to be incorporated in order to avoid the process becoming too
loose and vague. Some of these have been discussed in this Subpart.
B Specific Privacy Invasions
This Subpart will examine many of the privacy invasions and compromises that currently require
attention and could be addressed under the model defined in Subpart A. Some of the competing interests
involved and the objects that may be implicated in each violation will also be discussed. In addition, the
relationship of each invasion to others will be considered.
As already stated above, this is a non-exhaustive list and new forms of privacy invasions and
compromises may be added in the future as necessary. There are three categories of privacy invasions
and compromises: intrusions, publicity and data vulnerability.
1 Intrusions
The first grouping of privacy invasions can be called intrusions. This category protects against unwanted
social invasions into one’s private life. We will consider three forms of intrusion: physical intrusions,
surveillance and psychological intrusions.
(a) Physical intrusion
Physical intrusions cover direct physical incursions upon the seclusion of the plaintiff’s personal
activities, space and affairs, and interferences with the plaintiff’s solitude, his or her state of being alone
or ability to retreat from the presence of others.209 The private objects compromised in physical intrusions
may come from one, or a combination, of the three zones of privacy. The defendant often will have
intruded upon a territorial or personal object with the desire to obtain or reveal an informational object.
207 Thomas Emerson “The Right of Privacy and Freedom of the Press” (1979) 14 Harv CR-CL L Rev 329 at 342.

Jason Mitchell
30
However, harm can still be caused without the involvement of information. Moreover, this invasion is
not limited to intrusions which take place when the plaintiff is at home or in an isolated place. People
still have an expectation of privacy, albeit lower, when they are around others.210 For example, when
talking to a friend in a restaurant, we expect space from the other patrons in order to talk freely.
The privacy interest implicated here is the plaintiff’s integrity, in repelling attacks on his or her “shield”
of privacy.211 Moreover, the protection of solitude and seclusion in the private realm improves quality of
life in the public realm. It allows people to rest from performing the roles that public life demands.212 A
lack of refuge from others can be destructive to social relationships. The private realm also enables the
development of artistic, political and religious ideas, free from public pressure.213 However, we must be
careful to avoid giving people so much freedom from intrusion that they become isolated and self-
interested, to the point that they can escape their social responsibilities.214 It is in man’s nature to live
with others.215 Especially whilst in public, people must impliedly consent to some intrusion into their
personal space by others who are also free to move where they wish.
Physical intrusions share a connection with surveillance, as both penetrate the plaintiff’s private life and
can be disturbing, frightening and disruptive; and with disclosure, as the information disclosed is often
obtained through a physical intrusion.216
(b) Surveillance
Surveillance involves intangible intrusions into the plaintiff’s private life via the monitoring of his or her
functions, movements, activities or communications.217 Monitoring may be visual, such as watching
movements, taking photographs or inspecting emails, or auditory, such as eavesdropping or tapping
telephone lines. Surveillance can be occasional or continuous, overt or covert, and deliberately targeted
at an individual or at a particular thing, for example, at anyone who sends an email with a specific string
of words. Whereas in the past surveillance often required a trespass, technology has allowed it to take
place from a distance. As with physical intrusions, the private objects compromised in surveillance may
214 Michael Weinstein “The Uses of Privacy in the Good Life” in Pennock and Chapman, above n 128, 88 at 91-93.
215 Aristotle Ethica Nicomachea (translated ed:WD Ross (translator)Aristotle Nicomachean Ethics (Clarendon Press,Oxford,
1925)).

Jason Mitchell
31
come from one, or a combination, of the three zones of privacy. Surveillance is typically undertaken with
the purpose of obtaining or revealing an informational object. However, a failure to obtain the
information does not mean that no harm is caused because the act of surveillance results in an intrusion
upon a territorial or personal object.
The privacy interest concerned is the plaintiff’s loss of control and autonomy when being monitored.218
While the odd glance is not problematic, any sustained monitoring can create feelings of anxiety and
discomfort.219 It can also cause a person to alter his or her behaviour and leads to greater self-censorship
and self-consciousness,220 constraining the “acceptable spectrum of belief and behaviour” and driving
that person away from being creative and towards “the bland and mainstream.”221 Although covert
surveillance does not cause these chilling effects directly, it needs to be protected against because if
people are “generally aware of the possibility of surveillance, but are never sure if they are being watched
at any particular moment”, the effects may be even greater.222 These harmful effects can be experienced
with surveillance that takes place in public and private places, and thus people should be protected against
surveillance in all settings. On the other side, surveillance may be benign or justifiable so regard must
always be given to the defendant’s purpose, to the method used for monitoring and to the potential for
abuse.223 Surveillance may be justified by some positive social effect, such as maintaining social order
or deterring crime.224 However, some methods of surveillance record everything that an individual says
or does and can thus reveal information that is outside of the purpose for which it took place.225 This
information could be used to discredit or blackmail the individual. Therefore, even if the purpose is
justifiable, the method of surveillance may be overly intrusive and the information gathered may be
abused.
Surveillance is linked with physical intrusions, for the reasons stated above; with the various forms of
data vulnerability, as surveillance often collects data which is then exposed to the risks associated with
data handling; and with exposure and disclosure, as surveillance may produce humiliating photos and the
purpose of surveillance is often to obtain information that is to be disclosed.
220 Jerry Kang “Information Privacy in Cyberspace Transactions” (1998) 50 Stan L Rev 1193 at 1260.
221 Julie Cohen “Examined Lives: Informational Privacy and the Subject as Object” (2000) 52 Stan L Rev 1373 at 1426.
222 Solove, above n 195, at 495-499.
224 Solove, above n 195, at 493-494.
225 Solove, above n 195, at 495-496.

Jason Mitchell
32
(c) Psychological intrusion
Psychological intrusions are those that disturb the plaintiff’s peace of mind or interrupt the plaintiff’s
attention or activities. Examples include spam email, repetitive telemarketing, and probing and persistent
questions. These disturbances and interruptions are often targeted at obtaining information, but the
private objects that are actually compromised fall within the personal zone of privacy.
The privacy interest compromised by psychological intrusions is control and autonomy. They force the
plaintiff to reveal information or do something that he or she otherwise would not, or to change his or
her attention or activity away from that which he or she desires. The level of intrusion may become so
intense that it amounts to harassment which can cause emotional trauma. There must be a serious level
of psychological intrusion before an unreasonable invasion will be recognised because we are often made
to feel uncomfortable, and our attention and activities are commonly diverted by interruptions. The
defendant’s actions may also be justified by the plaintiff’s implied consent, for example, where he or she
has agreed to receive emails from the defendant.
Psychological intrusions are related to the other forms of intrusion, as they all penetrate the plaintiff’s
private life; and to secondary use, as these intrusions are often facilitated by the use of data regarding the
plaintiff that is held by another for a different purpose.
2 Publicity
The second set of privacy invasions can be labelled as publicity. This category protects against the
unwanted revelation or spreading of personal facts and information. We will consider five types of
publicity: breach of confidence, disclosure, exposure, exploitation and distortion.
(a) Disclosure
Disclosure involves the revelation of true, but personal or private, facts about the plaintiff to others. An
example is disclosing the fact that the plaintiff has a medical condition. The private objects compromised
will be in the informational zone of privacy. The dissemination will generally have to be widespread or,
in other words, to the public or a section thereof in order to be substantially offensive. Nevertheless, in
some circumstances, it should be enough that disclosure is made to one other person, for example, where
a computer database operator is in possession of personal information about an individual and discloses

Jason Mitchell
33
it to another party.226 This form of invasion is not limited to information that is kept completely secret.
Matters that are of general public knowledge, or are at least accessible by the public, are excluded because
they are no longer private. However, people often disclose personal facts to family members and close
friends, and expect this information to remain within the group.227 Where the plaintiff has revealed
personal information to some people but it has spread beyond his or her expectations of information flow,
there is still an invasion of his or her privacy.228 Whether he or she still had a reasonable expectation of
privacy depends, in part, on whether there was a low risk that the information would be disclosed to
others.
The privacy interest concerned here is the plaintiff’s desire to protect information that makes him or her
vulnerable or that can be used by others to harm him or her physically, emotionally, reputationally or
financially.229 Protection from disclosure can be necessary for individual security. For example, there are
good reasons to keep secret the addresses of witnesses to crimes and victims of stalking and domestic
abuse. However, aside from critical situations, some argue that protection from disclosure inhibits our
ability to judge another’s character and determine whether he or she is trustworthy. The counterargument
is that rather than improving our judgment, many disclosures give us a limited amount of skewed
information about another and will thus distort, rather than enhance, our assessment of him or her.230
Disclosure can also hinder one’s ability to grow, change or reform, as he or she is always tied to his or
her past. Having said that, protecting against disclosure does impinge upon the defendant’s freedom of
expression. To determine whether the right to privacy or the right to freedom of expression should
prevail, we must decide whether the information disclosed is of legitimate public concern according to
the principles discussed above in Subpart A.
Disclosure is linked with physical intrusions and surveillance, as the information disclosed is often
obtained through these invasions; and with secondary use, as once information is in the public realm it
can be used in unforeseeable ways.
226 Craig, above n 18, at 386-387.
227 Solove, above n 195, at 534-535.
228 Lior Strahilevitz “A Social Networks Theory of Privacy” (2005) 72 U Chi L Rev 919 at 974-975.
229 Solove, above n 195, at 531-533.
230 Lawrence Lessig “Privacy and Attention Span” (2001) 89 Geo LJ 2063 at 2068-2069.

Dissertation

Recomendados

Recomendados

Mais conteúdo relacionado

Semelhante a Dissertation

Semelhante a Dissertation (20)

Dissertation